However, there are also less familiar ways to give your security a boost. One such method is to change your DNS provider.

Why is changing your DNS a good idea? What security benefits does it bring? Keep reading to find out.

What Is DNS?

Before explaining why changing your DNS is a good idea, let’s clarify what DNS is. If you’re already familiar with the term, feel free to skip this section.

DNS stands for Domain Name System. You can think of it as the phone book of the internet. It’s the technology that translates the easily-memorable URL of a website (www.[name].com) into a numerical IP address. IP addresses are how devices, computers, and services are located on a network.

Your ISP will automatically route your traffic through its own DNS servers, but there are lots of third-party offerings to choose from. From a security standpoint, the third-party options are often much better than an ISP’s DNS servers.

1. DNSSEC

DNS technology is predominantly vulnerable to two main attack vectors: spoofing attacks and denial-of-service (DoS) attacks.

Spoof attacks have the aim of redirecting you from legitimate to malicious websites. They lead to cache poisoning; corrupted data is introduced to a DNS resolver’s cache and you’ll repeatedly be directed to an incorrect IP address.

The media frequently covers DoS attacks and the public has a better understanding of them. Hackers use them to directly vast amounts of traffic to a website using a forged source IP address. The site in question typically becomes inaccessible.

DNSSEC is the de facto solution to these threats — but providers have not implemented it universally. At the time of writing, most ISPs do not offer DNSSEC on their DNS servers. Lots of third-party ones, including Google and OpenDNS, do provide it.

The technology effectively means your machine cannot be caught up in spoof attacks or DoS attacks; signatures become impossible to forge without access to private keys and resolvers will reject any responses that contain incorrect keys.

2. DNS-over-HTTPS

Third-party DNS servers have also started introducing DNS-over-HTTPS technology.

Most DNS queries are sent using either a UDP or TCP connection without encryption. Obviously, this has security implications: you’ll be vulnerable to eavesdropping, spoofing, and tampering, among other things. You’re particularly at risk if you frequently get responses from recursive DNS resolvers.

DNS-over-HTTPS allows DNS queries to be resolved using an encrypted HTTPS connection instead. It works in conjunction with DNSSEC to give users authenticated end-to-end DNS lookups. As such, the security between a client and a recursive resolver is greatly enhanced.

Google’s DNS servers have been using the technology since April 2016.

3. Phishing Protection

You should be familiar with phishing scamsHow to Spot a Phishing EmailHow to Spot a Phishing EmailCatching a phishing email is tough! Scammers pose as PayPal or Amazon, trying to steal your password and credit card information, are their deception is almost perfect. We show you how to spot the fraud.Read More. In short, they are cyber-criminals attempt to make you give up highly-sensitive information. Typically, an email or website will pose as a legitimate business and ask you to enter your bank details, address, or other personal data.

Some third-party DNS servers — including OpenDNS — offer phishing protection. While it’s true that most modern browsers now include built-in phishing protection, the OpenDNS feature is useful if you have to use an old browser on an office network or you’re running Windows XP and cannot use a browser beyond Internet Explorer 6.

Be warned, features such as phishing protection are a trade-off: the more extra services your DNS includes, the slower it will run.

However, both operating systems’ tools are dependent on managing the controls on a user-by-user basis. If your child happens to start using your machine on an adult account, they might accidentally stumble across salacious content.

Some DNS servers offer a solution to the paradox. For example, OpenDNS allows you to configure blacklisted and whitelisted sites from its website. You can even block entire categories of sites — useful for keeping your kids off social media when they should be doing their homework.

Best of all, OpenDNS lets you set the parental controls at a network level: it will protect all your phones, laptops, tablets, and games consoles.

How to Change Your DNS

How you change your DNS server depends on which operating system you’re using. I’m only going to detail the process for Windows and Mac (there are too many Linux variants to cover them all). You can also change the DNS settings on your router, but again, the permutations are too numerous to cover here.

I am surprised that you're not mentioning any worries regarding Google DNS servers. Do you consider Google to be trustworthy to handle your private data? Reliable VPNs do not recommend to use google servers since Google is known for collecting and sharing private information.

Dan is a British expat living in Mexico. He is currently a Senior Writer for MakeUseOf. At various times, he has been the Social Editor, Creative Editor, and Finance Editor. Prior to his writing career, he was a Financial Consultant.